Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A computer-implemented method of sharing data in a supply chain, the data corresponding to an item having a tag associated therewith, the method comprising: determining, by one or more processors, a random number from the tag, the random number being unique to the item; selecting, by the one or more processors, a first integer and a second integer from a multiplicative group of prime integers; generating, by the one or more processors, a first public key based on the first integer and a first key based on the second integer; generating, by the one or more processors, an identifier based on the first public key and the random number, the identifier being used to locate and identify encrypted data associated with the tag within a central repository of the supply chain; generating, by the one or more processors, a second key based on the first key and the random number; encrypting, by the one or more processors, the data using the second key to provide the encrypted data; transmitting, by the one or more processors, a tuple over a network; and storing the transmitted tuple in the central repository, the central repository comprising a persistent storage device, and the tuple comprising the identifier and the encrypted data and being absent from the tag.
A computer-implemented method shares data about an item in a supply chain. Each item has a unique tag. The method involves: (1) Reading a random number from the item's tag. (2) Selecting two integers from a special set of prime numbers. (3) Creating a public key using the first integer and a first key using the second integer. (4) Generating a unique identifier using the public key and the random number to locate the item's encrypted data in a central supply chain repository. (5) Creating a second encryption key using the first key and the random number. (6) Encrypting the item's data using the encryption key. (7) Transmitting the identifier and the encrypted data as a single unit (tuple) over a network and (8) storing that unit in the central repository. The tag does *not* contain the identifier or the encrypted data.
2. The method of claim 1 , further comprising generating a value based on the first key and the random number, wherein generating an encryption key is based on a pseudo-random function that maps the value to the second key.
The data sharing method, as previously described, further refines the encryption key generation. It calculates an intermediate value based on the first key (derived from the second integer selected from the multiplicative group of prime integers) and the random number from the tag. The second encryption key is then generated using a pseudo-random function which takes this intermediate value as input, providing a seemingly random key derived deterministically from the item's data. This strengthens the encryption process.
3. The method of claim 1 , further comprising providing the first public key to a second party, the second party seeking access to the encrypted data.
The data sharing method, as previously described, includes providing the first public key (generated based on the first integer selected from the multiplicative group of prime integers) to another party who needs to access the encrypted data. This allows them to prepare for decryption, and securely retrieve the item's data. The tuple containing the encrypted data and the identifier are available in the central repository for access by authorized users.
4. The method of claim 3 , further comprising transmitting the first key to a second party, the second party seeking access to the encrypted data.
The data sharing method as described previously, including providing the first public key (generated based on the first integer selected from the multiplicative group of prime integers) to another party seeking access to encrypted data, *also* involves transmitting the first key (generated based on the second integer selected from the multiplicative group of prime integers) to the second party. This combined transmission facilitates later decryption steps, granting access to the encrypted item data within the central repository.
5. The method of claim 4 , further comprising transmitting the random number to the second party.
The data sharing method as described previously, including providing the first public key (generated based on the first integer selected from the multiplicative group of prime integers) and first key (generated based on the second integer selected from the multiplicative group of prime integers) to another party seeking access to encrypted data, *also* involves transmitting the random number extracted from the item's tag to that second party. The random number provides a unique identifier and is used in generating decryption keys.
6. The method of claim 1 , further comprising: selecting from a multiplicative group of prime integers, a third integer; generating a second public key based on the first integer, the third integer, and the random number; and transmitting the second public key over the network for storing the second public key in the persistent storage device, the second public key used by the persistent storage device to determine the storing of the tuple.
In addition to the previously described data sharing method, including selecting two integers, generating a public key and first key, an identifier, a second encryption key, encrypting the data, and storing a tuple, this method also includes: selecting a third integer from the multiplicative group of prime integers; generating a *second* public key based on the first integer, the third integer, and the item's random number; and storing this second public key in the persistent storage device. This second public key is used to determine where and how the tuple is stored.
7. The method of claim 1 , wherein a first party generates the second key and transmits the second key to a second party to enable the second party to access to the tuple for the item.
In the data sharing method, as previously described, a first party generates the second encryption key (used to encrypt the data) and transmits that second key to a second party. This enables the second party to access the previously stored tuple containing the encrypted data and identifier for that specific item.
8. The method of claim 1 , wherein a first party generates the second key and the identifier and transmits the second key and the identifier to a second party to enable the second party to access to data corresponding to items that the second party possessed.
In the data sharing method, as previously described, a first party generates both the second encryption key (used to encrypt the data) *and* the identifier (used to locate the encrypted data), then transmits *both* the second key and identifier to a second party. This allows the second party to access data related to items that the second party *owns* or possesses within the supply chain.
9. The method of claim 1 , wherein a first party generates the second key and the identifier and transmits the second key and the identifier to a second party to enable the second party to access data corresponding to items that the first party possessed.
In the data sharing method, as previously described, a first party generates both the second encryption key (used to encrypt the data) *and* the identifier (used to locate the encrypted data), then transmits *both* the second key and identifier to a second party. This allows the second party to access data related to items that the *first* party owns or possesses.
10. A computer-implemented method of sharing data in a supply chain, the data corresponding to an item having a tag associated therewith, the method comprising: receiving, by one or more processors, at least one of a first key and a second key from a second party; identifying, by the one or more processors, a public key associated with the second party based on the first key and the second key; generating, by the one or more processors, a query based on a random number, the random number being unique to the item; transmitting, by the one or more processors, the query over a network to a third party; receiving, by the one or more processors, from the third party, one or more tuples identified by the third party based on the query, each tuple of the one or more tuples being absent from the tag and comprising respective encrypted data; and decrypting, by the one or more processors, the encrypted data based on at least one of the first key and the second key.
A computer-implemented method allows accessing shared supply chain data. The method involves: (1) Receiving at least one of a first key and a second key from another party. (2) Identifying a public key associated with that party based on the received keys. (3) Generating a query using a random number unique to an item. (4) Transmitting this query to a third party (presumably the central repository). (5) Receiving one or more tuples (identifier and encrypted data) from the third party, identified based on the query. The tag does *not* contain the identifier or the encrypted data. (6) Decrypting the received data using at least one of the first key and the second key.
11. The method of claim 10 , further comprising determining an identifier based on the public key and a random number, the random number being unique to the item, the query comprising the identifier.
The data access method, as previously described, including receiving keys, identifying a public key, generating and transmitting a query, receiving tuples, and decrypting data, further includes determining the query based on an identifier which is derived from the public key (associated with the second party) and the random number (unique to the item). The query sent to the third party *comprises* this derived identifier.
12. The method of claim 10 , further comprising generating a value based on the random number, the query comprising the value.
The data access method, as previously described, including receiving keys, identifying a public key, generating and transmitting a query, receiving tuples, and decrypting data, further refines the query generation. Instead of using a derived identifier, the query sent to the third party comprises a calculated *value* based directly on the random number unique to the item.
13. The method of claim 10 , wherein a first party generates the second key and transmits the second key to a second party to enable the second party to access to the tuple for the item.
In the data access method described previously, where a party receives keys, makes a query, and decrypts data, a first party generates the second encryption key and sends it to a second party. This enables the second party to access the tuple, containing the encrypted data and identifier, for a specific item.
14. The method of claim 10 , wherein a first party generates the second key and the identifier and transmits the second key and the identifier to a second party to enable the second party to access to data corresponding to items that the second party possessed.
In the data access method described previously, where a party receives keys, makes a query, and decrypts data, a first party generates both the second encryption key and the identifier and sends *both* to a second party. This allows the second party to access data for items the *second* party possesses.
15. The method of claim 10 , wherein a first party generates the second key and the identifier and transmits the second key and the identifier to a second party to enable the second party to access data corresponding to items that the first party possessed.
In the data access method described previously, where a party receives keys, makes a query, and decrypts data, a first party generates both the second encryption key and the identifier and sends *both* to a second party. This allows the second party to access data for items the *first* party possesses.
16. A non-transitory computer-readable storage medium coupled to one or more processors having instructions stored thereon which, when executed by the one or more processors, cause the one or more processors to perform operations for sharing data in a supply chain, the data corresponding to an item having a tag associated therewith, the operations comprising: determining a random number from the tag, the random number being unique to the item; selecting a first integer and a second integer from a multiplicative group of prime integers; generating a first public key based on the first integer and a first key based on the second integer; generating an identifier based on the first public key and the random number, the identifier being used to locate and identify encrypted data associated with the tag within a central repository of the supply chain; generating a second key based on the first key and the random number; encrypting the data using the second key to provide the encrypted data; transmitting a tuple over a network; and storing the transmitted tuple in the central repository, the central repository comprising a persistent storage device, and the tuple comprising the identifier and the encrypted data and being absent from the tag.
A non-transitory computer-readable storage medium stores instructions to share data in a supply chain. The data corresponds to an item with a unique tag. The instructions, when executed, cause the processor to: (1) Get a random number from the tag. (2) Select two integers from prime numbers. (3) Generate a public key and a first key based on those integers. (4) Generate a unique identifier from the public key and random number to locate encrypted data. (5) Generate a second key based on the first key and random number. (6) Encrypt the data using the second key. (7) Transmit a tuple (identifier and encrypted data). (8) Store the tuple in a central repository, *not* on the tag.
17. A system for sharing data in a supply chain, the data corresponding to an item having a tag associated therewith, the system comprising: one or more computers; and a non-transitory computer-readable medium coupled to the one or more computers having instructions stored thereon which, when executed by the one or more computers, cause the one or more computers to perform operations comprising: determining a random number from the tag, the random number being unique to the item; selecting from a multiplicative group of prime integers, a first integer and a second integer; generating a first public key based on the first integer and a first key based on the second integer; generating an identifier based on the first public key and the random number, the identifier being used to locate and identify encrypted data associated to the tag within a central repository of the supply chain; generating a second key based on the first key and the random number; encrypting the data using the second key to provide the encrypted data; and transmitting a tuple over a network; storing the transmitted tuple in the central repository, the central repository comprising a persistent storage device, and the tuple comprising the identifier and the encrypted data and being absent from the tag.
A system for sharing data in a supply chain includes computers and a storage medium with instructions. When executed, these instructions cause the computers to: (1) Determine a random number from an item's unique tag. (2) Select two integers from a set of prime numbers. (3) Generate a public key and a first key based on those integers. (4) Generate a unique identifier from the public key and the random number, allowing location of the encrypted data. (5) Generate a second key based on the first key and the random number. (6) Encrypt the data using the second key. (7) Transmit a tuple containing the identifier and encrypted data. (8) Store that tuple in a persistent central repository, with the tuple and data *not* on the tag.
Unknown
August 19, 2014
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.